While EU questions legality of email-based schemes, ad-tech asserts it can still personalize advertising — how does that work? 

Two key players in the advertising-technology industry say they will continue to be able to identify and track consumers even as browser makers like Apple, Google, Microsoft and Mozilla move to block so-called “third-party” cookies in 2022 or 2023.  Representatives of LiveIntent Inc. and The Trade Desk Inc. spoke during a virtual seminar Nov. 17 organized by the Interactive Advertising Bureau (IAB) and entitled, “New Rules for Digital Media: Addressability and First Party Data.”

“We have a massive identity graph,” said LiveIntent’s Jessica Munoz.  “We build this customer profile for each client . . . an encrypted ID that is unique to you . . . we know which publishers you are engaging with . . . we have information about the kinds of browser you use.”  Her massage to advertisers and publishers: “We want to help you to know who you don’t know yet who is valuable to you.” 

Jessica said LiveIntent has at least five ways clients can manage consumer privacy choices and share those choices with LiveIntent. “If they want to opt out of ads entirely, we ask that consumers reach out to us to let us know on a global level,” she said. 

Bill Michaels, of the Trade Desk, explained its Unified ID 2.0 service, which he said is non proprietary. Competing ad-tech companies can generate “UIDs” to be part of the system, which The Trade Desk says will be independently governed. No governance entity has been announced yet, however.  UID2.0 starts with an email address supplied by a publisher, which is then “hashed and salted”, Michaels said, so that it remains unique but in theory can’t be linked to an identifiable individual. He called the email-based string “a safe packet inside the bidstream” and enables “targeted personalized advertising in a way that keeps consumers identity safe.” 

• Unified ID 2.0 Faces Roadblocks In Europe as a Result of GDPR | Allison Schiff, AdExchanger.com
• EDPB makes a direct call for EU legislators to implement stricter regulations on targeted advertising | EDPR statement

Michaels said UID2.0 is being trialed in the United States and Canada and several countries in Asian by “several advertisers” — but not yet in the European Union, where the General Data Protection Regulation (GDPR) is effective. 

RELATED LINKS: 

• Can Wall Street’s ad tech love affair last? | Ronan Shields, DigiDay.com
• What Business IT Leaders Need to Know About the Future of Privacy | Nader Henein, Research VP, Garner, Inc., via InformationWeek.com

WASHINGTON WATCH

Ad industry interests offer “survey” findings of strong support for unspecified federal vs. state privacy actions; Ingis quoted 

A policy group supported primarily by the U.S. advertising industry asserted on Nov. 19 that a cross-section of Americans strongly favor federal privacy legislation rather than patchwork state solutions — but the survey does not appear to be specific about policy provisions the public supports, and the exact phrasing of survey questions was not released. 

It is significant that the ad industry is trying to muster federal action that would supercede state laws such as the tough California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), which the industry opposes. 

The findings of the survey, but not the survey detail itself, were announced by Privacy for America, which is championed by Stuart P. Ingis, a Washington attorney who has a reputation as a privacy-policy power broker for the advertising and publishing industries. Privacy for America has a set of proposals for privacy legislative proposals.

The report was put together by two marketing and surveying organizations, Research Narrative and InnovateMR. They said it draws on a 1,524-respondent nationwide online survey of registered voters, “across a demographic cross section of U.S. registered voters ages 18+, balancing for age, ethnic and gender representation.  Reported findings may be found HERE. A couple of key points summarized in the Privacy for American statement: 

Some 92 percent of surveyed voters “report that it is very or somewhat important that Congress pass legislation to protect consumer data privacy.” Supported was highest among Democrats (95.4%), followed by independents (92.0% and Republicans (89.3%). 

Four in every five voters want to create a national standard for all companies to follow that would “outright prohibit harmful ways of collecting, using and sharing personal information.”

“These findings make clear that an overwhelming majority of Americans want Congress to pass nationwide privacy legislation that protects all Americans, no matter where they live,” Ingis was quoted in the news release as saying. “In today’s highly polarized political climate, comprehensive privacy legislation is a rare bipartisan opportunity for Congress to deliver real protections for Americans and small businesses seeking to recover from the pandemic and protect the responsible use of data that drives our economy. We urge lawmakers from both parties to come together to make a national privacy law a reality in the United States.”

• House Democrats Reintroduce Sweeping Ad-Targeting Restrictions | Wendy Davis, DigitalNewsDaily/MediaPost.com | BILL TEXT | BILL SUMMARY
• RELATED: The Online Privacy Act from Reps. Anna G. Eshoo and Zoe Lofgren would give people user data rights | Rob Pegoraro, PCMag.com | REP. ESHOO’s STATEMENT
• “Filter Bubble Transparency Act” protecting social-media data | Tyler Adkisson, Newsy.com
• Policymakers want to regulate AI but lack consensus on how | Matt Asay, TechRepublic.com
• Can policymakers strike a balance between digital privacy and online safety? | Amy Houston, TheDrum.com
• Will tech companies or regulators have the final say in our privacy debate? | Kendra Clark, TheDrum.com ($)

FTC AND PRIVACY 

• U.S. Chamber Seeks Records on FTC’s Pursuit of Consumer Privacy Rules | Andrea Vittorio, BloombergLaw.com
• FTC Chair Khan Brings on AI Policy Advice From NYU Researchers | Andrea Vittorio, BloombergLaw.com
• FTC’s Wilson expands on scathing critique of Khan, calling agency’s direction ‘appalling and gut-wrenching’ | Khushita Vasant & Mike Swift, mLex/LexisNexis

STATEHOUSE BEAT

Massachusetts moves to front of states proposing tough data privacy law with private-action right; $20M fines; key date Feb. 2

Privacy advocates and lobbyists for Massachusetts businesses that collect consumer data should circle on their calendar the date of Feb. 2 — by which a state Senate joint committee must report out a tough privacy bill or allow it to languish and probably die.   The “Massachusetts Information Privacy Act” (MIPA) bill got a public hearing on Oct. 13. 

Two lawyers from the Pierce Atwood LLP firm, Melanie Conroy and Peter Guffin, have been following the bill and one which died in a previous session and have written a comprehensive, nine-page summary of its provisions and hearing testimony.  The most important provisions:

• Anyone over age 18 who believes their privacy is violated under the law can bring a civil suit and collect up to $15,000 per violation. 
• It applies to any business that earns more than $!0,000 in annual revenue through 300 or more transactions or that processes or maintains the personal information of 10,000 or more individuals. 
• A five-member Massachusetts Information Privacy Commission, would enforce and investigate and empower the state’s attorney general to litigate violations with civil penalties up to $20 million or 4 percent of annual global revenue of a covered entity. 

The Massachusetts law would thus be tougher in respects than California’s. Its language was reviewed by Woodrow Hartzog, the prominent privacy expert at Northeastern University, he told Privacy  Beat. 

“It is difficult to overstate the magnitude of compliance and litigation risks MIPA may create for businesses collecting data from Massachusetts consumers and employees,” Control and Guffin wrote in their bill analysis. 

• Massachusetts Data Privacy Bill Would Increase Litigation Risks | Melanie Conroy & Peter Guffin, Pierce Atwood law firm | DOWNLOAD ARTICLE
• New State Privacy Laws Impose Higher Restrictions on Processing Sensitive Personal Data | C. Blair Robinson, Perkins Coie law firm
• Utah’s auditor names the state’s first chief privacy officer | Collin Wood, StateScoop.com

PLATFORMS AND PRIVACY:
Reuters and Wired assert Amazon “war” on privacy

• Amazon wages secret war on Americans’ privacy, documents show | Jeffrey Dastin, Chris Kirkham & Aditya Kalra, Reuters PLC | REQUEST YOUR DATA
• Go read this look into how Amazon failed to secure customer personal data | Jasmine Hicks, Wired.com
• Former Biden aide helped Amazon kill off dozens of privacy laws nationwide, leaked documents show | Martin Coulter, BusinessInsider.com
• Amazon’s Dark Secret: It Has Failed to Protect Your Data | Will Evans, Wired.com
• Amazon security chief put together “with tape and bubblegum” | Ben Gilbert, BusinessInsider.com
• Apple’s ad business seeing gain $1B from privacy moves against competitors | Emily Bary, MarketWatch.com
• Edward Snowden calls out Google over search engine’s privacy | Barry Schwartz, SearchEngineLand.com
• Google Chrome adds important data privacy feature with beta update | Times of India 
• Apple’s ad privacy change impact shows the power it wields over other industries | Kif Leswing, CNBC.com

PLATFORMS AND NEWS 

• AN INVESTIGATION: How Facebook and Google fund global misinformation | Karen Has, MIT Technology Review 
• Hate speech in Myanmar continues to thrive on Facebook | Sam McNeil & Victoria Milko, Associated Press
• Facebook Isn’t Telling You How Popular Right-Wing Content Is on the Platform |  Julia Angwin, TheMarkup.org

Publisher group highlights Irish nonprofit’s latest compilation of Google/Facebook ad-tech challenge to “sustainability”

The research director of Digital Content Next (DCN), the U.S. trade association of quality digital news and magazine publishers, prominently featured an Irish nonprofit’s report detailing why the current programmatic advertising technology system is said to hurt publishers and help Google and Facebook. 

“Surveillance advertising isn’t just problematic, it east publisher revenues,” is how the account by Rande Price, DCN’s research director, is headlined.  The Irish Council of Civil Liberties report, itself yield “Sustainable without surveillance,” is authored by Johnny Ryan, a former journalist, ad-tech and privacy advocate who has been prominently seeking sanctions in the European Union against opaque ad tracking.  

• Surveillance advertising isn’t just problematic, it eats publisher profits | Rande Price, DigitalContentNext.org | REPORT DOCUMENT

Much of the report represents a re-assembly of previous disclosures and arguments, but in a compelling format. 

“Tracking-based online advertising imperils fundamental rights and publisher sustainability,” the report says.  It says four things harm publishers: (1) leakage of publishers’ audience data (2) siphoning of ad revenue off to technology intermediaries (3) spreading of user data across the web and (4) diversion of billions in ad revenues to operators of “ad fraud bots” charging for clicks on ads by non humans. 

ADVERTISING TECHNOLOGY 

• IAB Tech Lab chief embraces co-operation with Google on FLoC browser identity control  | Anthony Katsur via Twitter 
• Consumer Reports posts thorough summary of ad-tech after third-party cookies | Adam Tanner, ConsumerReports.org
• Ex-Facebook manager says Apple privacy crackdown massively drops ad effectiveness | Kali Hays, BusinessInsider.com 
• VENDOR VIEW: No third-party magic bullet to identity crisis | Colette Munnelly, Xandr/AT&T via WhatsNewInPublsihing.com
• VENDOR VIEW: Deprecating the cookie: The impact of eliminating third-party identifiers | Josh Perlstein, Response Media via VentureBeat.com
• Twitter rolls back AMP support, no longer sends users to AMP pages | Henry Powderly, SearchEngineLand.com
•  

Aspen “Commission on Information Disorder” report seen as both tech-savvy and socially conscious look at crisis for democracy 

ITEGA’s interest in privacy, identity, ad tech are subsidiaries of a larger challenge — how do we ensure that the Internet lives up to a vision to provide us the information we need to be effective and informed citizens in democracies?  A unit of the Aspen Institute, the “Commission on Information Disorder” was out with a foundation-funded report last week that focuses on abuses by social-media platforms, but touches on all of the above.

If you can’t take the time to read the whole “final report” a perceptive synopsis was provided on Nov. 19 by Damon Beres, editor-in-chief of Unfinished, a unit of Frank McCourt’s Project Liberty, in a weekly blog post. He calls the report “tech savvy and socially conscious in equal measure” and provides his own links to three other trenchant analyses of it, including: Nieman Lab’s Josh Benton’s “How do you fix an “information disorder”? The Aspen Institute has some ideas.”

PERSONAL PRIVACY 

• Defining “profiling” — its similar in both EU and U.S. laws | David A. Zetoony, GreenbergTraurig LLP law firm
• Regulators Are Zeroing In On Privacy Implications of Web Scraping | Myra Baylson et al., Cozen O’Connor law firm
• How to Use a Fake Email Address to Protect Your Privacy | Thomas German, ConsumerReports.org
• Email aliases won’t completely stop phishing attacks | Joshua Hawkins, Lifewire.com
• Tennessee professor says privacy requirements should be part of broadband infrastructure | Stuart Brotman, The Tennessean, via Benton Institute 
• Los Angeles police partnered with tech firm that enables secretive online spying | am Levin & Johana Bhuiyan, TheGuardian.com
• Personalization’s Chief Risk and Reward: Identity Reinforcement | Joseph Zappa, StreetFightMag.com
• Column: Your ISP says it cares about your privacy. Not so much, actually, says FTC | David Lazarus, Los Angeles Times 
• How Creepy Is That New Product? Mozilla’s *privacy not included Privacy Guide Will Tell You | Deborah Cole, Robinson & George LLP law firm
• RESEARCH: IAB Tech Lab’s Katsur comments on “differential privacy” research | Antony Katsur via Twitter | RESEARCH PAPER 
• Stop your snooping smart TV — how to turn off data collection for every brand | Brian Westover, TomsGuide.com
• DuckDuckGo wants to stop apps tracking you on Android | Matt Burgess, Wired.com/ArsTechnica.com
• This Tool Protects Your Private Data While You Browse | Eurasia Review
• Airports Are Embracing Facial Recognition. Should We Be Worried? | Molly Glick, DiscoverMagazine.com

EU & UK PRIVACY 

• Irish data “cop” Helen Dixon defends her record of enforcement against Big Tech | Stephanie Bodoni, Bloomberg.com
• EU’s data protection adviser latest to call for ban on tracking ads | Natasha Lomas, TechCrunch.com
• The future of data protection in the EU’s digital market strategy |. Jedidiah Bracy, IAPP Privacy Advisor
• Google reaches content deals with German publishers | Associated Press

WORLD PRIVACY 

• China’s data privacy laws start to bite as traders scramble to comply | Yao Minji, SHINE.cn
• Canada’s privacy commissioner orders probe into data leak that may have endangered Afghans | Evan Dyer, CBC News
   

UPCOMING EVENTS

• VENDOR WEBINAR: Identity Resolution in the Cookieless World | Nov. 29, Telium.com vs. EMarketer.com
• WEBINAR: Understanding Digital Data Flows: Beyond the Basics of Online Advertising | Nov. 30, Future of Privacy Forum
• WEBINAR: Understanding Information Governance, Data Privacy, and Data Breach Exposure | Dec. 1, HaystackID.com (vendor)
• WEBINAR: Addressability Solutions Roadshow | Dec. 8, IAB Tech Lab 
• LIST: Omidyar Good ID project lists upcoming identity gathering